Configure Self-signed Server Certificate in git bash for a Particular HTTPS Remote.

Recently, I got myself hooked up in a situation with SSL Certificates configuration for a git repo and spent some time getting out of it. I am writing this short note to help people like me that may run into this issue.

You can use my scenario as a Problem Statement:

One of my client’s repositories required SSL verification to access it. I was provided with a private key(.p12) file and a Root CA certificate. I configured them in git bash, a few months back and forgot How 😕. As the certificates got expired, I was unable to pull or push code to the repo. The new certificates, I got, had different names than the previous ones. I am using macOS 12.1.

Solution

1. Convert privateKey.p12 to privateKey.key via the following command:

openssl pkcs12 -in privateKey.p12 -nodes -out privateKey.key -nocerts

2. Convert privateKey.p12 to privateKey.pem via the following command:

openssl pkcs12 -in privateKey.p12 -clcerts -nokeys -out privateKey.crt

3. Open global git configuration in edit mode using ‘vim’ via the following command:

git config --edit --global

Update file paths in the following lines as per files generated above:

http.<YOUR_REPO_URL>.sslcert=<FILEPATH>/privateKey.crt
http.<YOUR_REPO_URL>.sslkey=/<FILEPATH>/privateKey.key
http.<YOUR_REPO_URL>.sslcainfo=/<FILEPATH>/rootCA.pem

I hope you’ll find this quick note helpful if you run into such a problem.

Happy Coding 😄